Deutsch English Français Italiano |
<uu9aqc$12m8k$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Chris Ahlstrom <OFeem1987@teleworm.us> Newsgroups: comp.os.linux.advocacy Subject: Re: Fedora Rawhide Date: Sat, 30 Mar 2024 11:23:54 -0400 Organization: None Lines: 29 Message-ID: <uu9aqc$12m8k$1@dont-email.me> References: <l6p43aFa7q1U6@mid.individual.net> Reply-To: OFeem1987@teleworm.us Injection-Date: Sat, 30 Mar 2024 15:23:57 +0100 (CET) Injection-Info: dont-email.me; posting-host="031ec8965709af23e98d4ea7fefcd3e6"; logging-data="1136916"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/mEk3GXc8W9LNkqWXBmwRb" User-Agent: slrn/1.0.3 (Linux) Cancel-Lock: sha1:yLfiIgm8vGdHKYqC/c3J/PXlMXo= X-Mutt: The most widely-used MUA X-Slrn: Why use anything else? X-User-Agent: Microsoft Outl00k, Usenet K00k Editions Bytes: 1886 rbowman wrote this copyrighted missive and expects royalties: > https://fedoramagazine.org/cve-2024-3094-security-alert-f40-rawhide/#more-40042 > > The corrupt xz is not limited to Fedora but so far is confined to beta > builds like Rawhide and not in released versions like Fedora 39. > > https://en.wikipedia.org/wiki/XZ_Utils I see that it's date Apr 8 2022 (version 5.2.4) on the Ubuntu laptop, and Mar 28 (version 5.6.1) on the Arch laptop. https://fedoramagazine.org/cve-2024-3094-security-alert-f40-rawhide/#more-40042 The Fedora Project was made aware of CVE-2024-3094 on Friday, March 29th related to the xz tools and libraries... Hmmmm. https://security.archlinux.org/CVE-2024-3094 AVG-2851 xz 5.6.0-1 5.6.1-2 Critical Fixed Not yet updated via pacman. -- There are more things in heaven and earth, Horatio, than are dreamt of in your philosophy. -- Wm. Shakespeare, "Hamlet"